In most cases, you want to restrict authenticated users from accessing every part of an application. You can implement authorization features that ensure users can access only the user interfaces and data that they are authorized to access. The Pega Platform provides a complementary set of access control features called Role-based access control and Attribute-based access control.
Another access control capability in Pega is Client-based access control (CBAC). This is more focused on tracking and processing requests to view, update or remove personal Customer data held across your Pega applications, such as that required by EU GDPR (and similar) regulations. In itself, it doesn’t influence the authorization considerations for lead system architects when designing a Pega application, and is not discussed further in this module.